Vulnerability Description
The openml/openml.org web application version v2.0.20241110 uses predictable MD5-based tokens for critical user workflows such as signup confirmation, password resets, email confirmation resends, and email change confirmation. These tokens are generated by hashing the current timestamp formatted as "%d %H:%M:%S" without incorporating any user-specific data or cryptographic randomness. This predictability allows remote attackers to brute-force valid tokens within a small time window, enabling unauthorized account confirmation, password resets, and email change approvals, potentially leading to account takeover.
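As an added illustration, not code from the openml.org project, the following reproduces the timestamp-only token scheme described above beside a hardened replacement; the store, function names and purpose strings are assumptions for the example.

```python
import hashlib
import secrets
import time
from typing import Optional

def weak_token(ts: float) -> str:
    """The scheme the advisory describes: MD5 of the current time formatted as
    "%d %H:%M:%S". Nothing user-specific and nothing random goes in, so every
    request in the same second gets the same token, the same day-of-month and
    time of day in another month repeats it, and the whole keyspace is at most
    31 * 86400 values."""
    stamp = time.strftime("%d %H:%M:%S", time.gmtime(int(ts)))
    return hashlib.md5(stamp.encode()).hexdigest()

# Constructed in-memory store standing in for the database table an app would
# use: sha256(token) -> (user_id, purpose, expiry). Assumed, not the project's schema.
_pending: dict[str, tuple[int, str, float]] = {}

def issue_token(user_id: int, purpose: str, now_ts: float, ttl_seconds: int = 1800) -> str:
    """Hardened replacement: 256 bits from the OS CSPRNG, bound to one user and
    one purpose, short-lived, and stored only as a digest so a leaked table does
    not hand out live tokens."""
    token = secrets.token_urlsafe(32)
    digest = hashlib.sha256(token.encode()).hexdigest()
    _pending[digest] = (user_id, purpose, now_ts + ttl_seconds)
    return token

def redeem_token(token: str, purpose: str, now_ts: float) -> Optional[int]:
    """Single-use check: returns the user id when the token matches, was issued
    for this purpose and has not expired; returns None otherwise. The entry is
    consumed on any attempt, so a token cannot be replayed or retried."""
    digest = hashlib.sha256(token.encode()).hexdigest()
    entry = _pending.pop(digest, None)
    if entry is None:
        return None
    user_id, stored_purpose, expiry = entry
    if stored_purpose != purpose or now_ts > expiry:
        return None
    return user_id
```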
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Openml | Openml.Org | <= 2.0.20241110 |
Related Weaknesses (CWE)
References
- https://github.com/openml (Product)
- https://github.com/openml/openml.org (Product)
- https://github.com/openml/openml.org/security/advisories/GHSA-xfjh-gf9p-8qr6 (Vendor Advisory, Exploit)
FAQ
What is CVE-2025-55796?
CVE-2025-55796 is a vulnerability with a CVSS score of 7.5 (HIGH). The openml/openml.org web application version v2.0.20241110 uses predictable MD5-based tokens for critical user workflows such as signup confirmation, password resets, email confirmation resends, and ...
How severe is CVE-2025-55796?
CVE-2025-55796 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-55796?
Check the references section above for vendor advisories and patch information. Affected products include: Openml Openml.Org.